Claims

[1] A network security system for permitting a trusted process using a firewall, the
firewall protecting a corresponding network connection of a computer to a
network by setting restrictions on information communicated between networks,
comprising:

a port monitoring unit for extracting information about a server port being used
through a network communication program;

an internal permitted program storage for extracting information about a program
for which communication is permitted by the firewall, and registering the
extracted information;

an internal permitted port storage, if the port monitoring unit extracts the
information about the server port being used using the program registered in the
internal permitted program storage, registering the extracted information about
the server port; and

a device for making the firewall flexible, determining whether a destination port
of a packet of inbound traffic has been registered in the internal permitted port
storage, and if the destination port has not been registered, transmitting the
corresponding packet to the firewall, and if the destination port has been registered,
allowing the corresponding packet to bypass the firewall.

[2] The network security system as set forth in claim 1, wherein the information
about the program, which is extracted and registered in the internal permitted
program storage, includes information about a program name, an entire path of
the program, and a program Message Digest 5 (MD5) hash value.

[3] The network security system as set forth in claim 1, wherein the information
about the server port, which is extracted and registered in the internal permitted
port storage, includes information about an entire path of the program, a
protocol, and a port.

[4] A network security method of permitting a trusted process using a firewall, the
firewall protecting a corresponding network connection of a computer to a
network by setting restrictions on information communicated between networks,
comprising:

the first step of extracting information about a server port being used through a
network communication program;

the second step of extracting information about a program for which
communication is permitted by the firewall, and registering the extracted information
in an internal permitted program storage;

the third step of, if information about the server port being used is extracted
using the program registered in the internal permitted program storage at the first
step, registering the information about the extracted server port in an internal
permitted port storage;

the fourth step of determining whether a destination port of a packet of inbound
traffic has been registered in the internal permitted port storage;

the fifth step of, if, as a result of the determination at the fourth step, the
destination port has not been registered, transmitting the packet of inbound
traffic to the firewall; and

the sixth step of, if, as a result of the determination at the fourth step, the
destination port has been registered, allowing the corresponding packet to bypass
the firewall.

[5] The network security method as set forth in claim 4, wherein, in the case of
performing communication using Transmission Control Protocol (TCP), the first
step extracts a listen port through hooking when a socket performs listen to
operate as a server.

[6] The network security method as set forth in claim 4, wherein, in the case of
communication using User Datagram Protocol (UDP), the first step extracts the
server port by performing hooking in a user mode when a socket calls a relevant
function to receive a packet.

[7] The network security method as set forth in claim 4, wherein, the sixth step
allows the corresponding packet to bypass the firewall by calling a hooked
original function.

[8] The network security method as set forth in claim 4, wherein the information
about the program, which is extracted and registered at the second step, includes
information about a program name, an entire path of the program, and a program
Message Digest 5 (MD5) hash value.

[9] The network security method as set forth in claim 4, wherein the information of
the server port, which is extracted and registered at the third step, includes
information about an entire path of the program, a protocol, and a port.

[10] A computer-readable recording medium for performing a network security
method using a firewall, the medium storing a program for executing the
method, the method comprising:

the first step of extracting information about a server port being used through a
network communication program;

the second step of extracting information about a program for which
communication is permitted by the firewall, and registering the extracted information
in an internal permitted program storage;

the third step of, if information about the server port being used is extracted
using the program registered in the internal permitted program storage at the first
step, registering the information about the extracted server port in an internal
permitted port storage;

the fourth step of determining whether a destination port of a packet of inbound
traffic has been registered in the internal permitted port storage;

the fifth step of, if, as a result of the determination at the fourth step, the
destination port has not been registered, transmitting the packet of inbound
traffic to the firewall; and

the sixth step of, if, as a result of the determination at the fourth step, the
destination port has been registered, allowing the corresponding packet to bypass
the firewall.
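
The six steps of claim 4, with the record fields of claims 8 and 9, modelled as an added Python example; it is not part of the patent text and not the applicant's implementation. The class and method names and the sample paths and image bytes are constructed, and two behaviours are assumptions the claims do not state: the MD5 is re-checked when a server port is reported, and inbound packets are matched on protocol as well as destination port.

```python
import hashlib
from dataclasses import dataclass, field


@dataclass
class TrustedPortGate:
    # Internal permitted program storage: path -> (name, path, MD5), per claim 8.
    permitted_programs: dict = field(default_factory=dict)
    # Internal permitted port storage: (path, protocol, port), per claim 9.
    permitted_ports: set = field(default_factory=set)

    def permit_program(self, name: str, path: str, image: bytes) -> None:
        """Second step: register a program the firewall permits."""
        # MD5 is the digest the claims name; it is not collision resistant.
        digest = hashlib.md5(image).hexdigest()
        self.permitted_programs[path] = (name, path, digest)

    def on_server_port(self, path: str, image: bytes, proto: str, port: int) -> bool:
        """First and third steps: a hook reports that `path` opened a server port."""
        entry = self.permitted_programs.get(path)
        # Assumption: the stored MD5 is compared again here, so a replaced
        # binary at a permitted path does not get its port registered.
        if entry is None or entry[2] != hashlib.md5(image).hexdigest():
            return False
        self.permitted_ports.add((path, proto, port))
        return True

    def route_inbound(self, proto: str, dst_port: int) -> str:
        """Fourth to sixth steps: decide where an inbound packet goes."""
        registered = any(
            p == proto and n == dst_port for _, p, n in self.permitted_ports
        )
        return "bypass" if registered else "firewall"


def demo() -> list:
    """Constructed scenario: one permitted server, one unknown program."""
    gate = TrustedPortGate()
    gate.permit_program("ftpd.exe", r"C:\apps\ftpd.exe", b"constructed image")
    gate.on_server_port(r"C:\apps\ftpd.exe", b"constructed image", "tcp", 2121)
    gate.on_server_port(r"C:\tmp\unknown.exe", b"other bytes", "tcp", 4444)
    return [
        gate.route_inbound("tcp", 2121),  # port opened by a permitted program
        gate.route_inbound("tcp", 4444),  # port opened by an unregistered program
        gate.route_inbound("udp", 2121),  # same number, different protocol
    ]
```

Only the first packet bypasses the firewall; the other two are handed to it and remain subject to its rules.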



